Friday Morning Cato Smackdown

Last week was the Cato debate between Cato scholars Roger Pilon and Bob Levy on the NSA surveillance issue. Like Ricahrd Epstein and Mark Moller, my sympathies were with Bob Levy, who argued that the president can’t simply ignore FISA when he decides it interferes with his conduct of the war on terrorism.

I’m not really qualified to get into the constitutional questions, which Levy handled ably, but I did want to comment on Pilon’s substantive argument about why the program was necessary. He quoted two people to make his case. First, he quoted the following from a Wall Street Journal article by Judge Posner:

FISA may serve for monitoring the communications of known terrorists, but it’s hopeless as a framework for detecting terrorists. It requires that surveillance be conducted pursuant to warrants based on probable cause to believe that the target of surveillance is a terrorist,
when the desperate need is to find out who is a terrorist.

Secondly, he quoted K. A. Taipale from a forthcoming article in the NYU Review of Law and Security:

In modern networks, communications are broken up into discrete packets, that travel along independent routes and are then reassembled. Not only is there no longer a dedicated circuit, but individual packets from the same communications may take completely different paths to their destinations. To intercept these kind of communications, filters and search strategies are deployed at various communication nodes to scan and filter all passing traffic, with the hope of finding and extracting those packets of interest and reassembling them into a coherent message. Even targeting a specific message from a known sender requires intercepting the entire commuincation flow. Were FISA strictly applied, no automated monitoring of any kind could occur.

Now, putting these two together, it’s hard to escape the conclusion that Pilon thinks that the federal government should monitor absolutely every communication in the world, domestic and foreign, without any court oversight whatsoever. After all, on modern packet-switched networks, it’s difficult to distinguish a foreign call from a domestic one. And it’s likely to be quite difficult to tap Internet cafes and satellite phones all over the third world, but it’s easy to tap into data centers around the United States. So if our goal is to conduct a dragnet for previously unknown terrorists, and if we need to intercept a lot of communications in order to do that, it’s hard to see how we can possibly restrict ourselves to only intercepting international calls.

Indeed, as the EFF lawsuit against AT&T has helped to highlight, that seems to be precisely what they’re doing. The NSA approached AT&T, twisted their arm, and got them to allow the installation of traffic-monitoring hardware that allowed the interception of all data flowing through AT&T’s data center. Presumably, they’ve done the same thing with the data centers of other major telecom companies.

Which makes Pilon’s argument that this is just about foreign surveilance puzzling. Even if we assume that he’s right that no warrant is required to intercept a call in which one participant is a US resident and the other is a foreigner, by his own admission it’s impractical to monitor only those calls. As a practical matter, if we’re going to monitor all domestic-to-foreign calls, we’re inevitably going to end up monitoring a lot of domestic-to-domestic calls as well.

I think the fundamental problem here is the premise of Posner’s quote–that the government should proactively monitor everyone’s communications (or at least all communications originating outside the United States) in order to detect previously unknown terrorists. Such a plan is neither practical nor desirable. It’s impractical because false positives are likely to swamp the NSA’s ability to do anything useful with the results. And it’s undesirable because there’s no reason to think that the program will remain limited either to terrorists or to foreigners. Especially if the program’s contours are to remain secret, we’ll have no way to monitor the program and ensure that it stays within legal bounds.

The whole purpose of the Fourth Amendment (at least as it has been interpreted in the 20th century) is to limit potentially abusive surveillance by the executive branch. It’s predicated on the assumtion that we can’t give the executive a free hand to conduct eavesdropping because that power might be abused. Pilon appears to explicitly reject that principle when he asserts that the legislative and judicial branches are exceeding their constitutional authority when they attempt to restrict the NSA’s surveillance program, a program that almost certainly intercepts some domestic communications along with foreign communications.

Finally, I think the Taipale quote overstates the extent to which modern communications networks impede domestic monitoring. If you’re trying to intercept the communications of a particular person, that’s not especially more difficult to do than it was a decade ago. True, on the Internet backbone you won’t be able to intercept one person’s traffic without tapping a lot of different communications links. But people still communicate with a small number of devices. You can get a wiretap warrant for the suspect’s cell phone. You can stick a packet sniffer on the user’s LAN, or tap into his cable or DSL line. You can conduct a black-bag search and install eavesdropping software on the user’s computer.

In short, there’s not a whole lot new here. New technologies are giving us new surveillance abilities, but the fundamental issues haven’t changed all that much. The argument against comprehensive surveillance was never that it wasn’t technically feasible. It was that we didn’t trust the government enough to give them that much power. That will continue to be true no matter how powerful eavesdropping technologies get.